Send documentation comments to mdsfeedback-doc@cisco.com
4-112
Cisco MDS 9000 Family Command Reference
OL-8413-07, Cisco MDS SAN-OS Release 3.x
Chapter 4 C Commands
crypto ca export
crypto ca export
To export the RSA key pair and the associated certificates (identity and CA) of a trust point within a
Public-Key Cryptography Standards (PKCS) #12 format file to a specified location, use the crypto ca
export command in configuration mode.
crypto ca export trustpoint-label pkcs12 destination-file-url pkcs12-password
Syntax Description
Defaults None.
Command Modes Configuration mode.
Command History
Usage Guidelines You can export the identity certificate along with the associated RSA key pair and CA certificate (or
certificate chain) to a PKCS #12 format file for backup purposes. You can later import the certificate and
RSA key pair to recover from a system crash on your switch.
Examples The following example shows how to export a certificate and key pair in PKCS #12 format.
switch# config terminal
switch(config)# crypto ca export admin-ca pkcs12 bootflash:adminid.p12 nbv123
Related Commands
trustpoint-label Specifies the name of the trust point. The maximum size is 64
characters.
pkcs12 destination-file-url Specifies a destination file in bootflash:filename format. The maximum
size is 512 characters.
pkcs12-password Specifies the password to be used to protect the RSA private key inthe
exported file. The maximum size is 64 characters.
Release Modification
3.0(1) This command was introduced.
Command Description
crypto ca import
trustpoint-label
certificate
Imports the identity certificate obtained from the CA to the trust point.
crypto ca import
trustpoint-label pkcs12
Imports the identity certificate and associated RSA key pair and CA
certificate (chain) to a trust point.
crypto key generate
rsa
Generates an RSA key pair.